Merge pull request #564 from convox/release-20160420

Release: 2016-04-20

Dockerfile

@@ -1,10 +1,10 @@
 FROM golang:1.6-alpine
 
-RUN apk update && apk add docker git haproxy openssh openssl python
+RUN apk update && apk add build-base docker git haproxy openssh openssl python
 
 RUN go get github.com/ddollar/init
-RUN go get github.com/ddollar/rerun
-COPY pkg/cfssl /go/bin/cfssl
+RUN go get github.com/convox/rerun
+RUN go get github.com/convox/cfssl/cmd/cfssl
 
 COPY conf/haproxy.cfg /etc/haproxy/haproxy.cfg
 

api/Makefile

@@ -9,6 +9,7 @@ build:
 
 templates:
 	go-bindata -pkg=models -prefix=models -o=models/templates.go models/templates/...
+	go-bindata -pkg=aws -prefix=provider/aws -o=provider/aws/templates.go provider/aws/templates/...
 
 test:
 	go get -t ./...

api/controllers/links.go

@@ -5,18 +5,17 @@ import (
 
 	"github.com/convox/rack/api/httperr"
 	"github.com/convox/rack/api/models"
+	"github.com/convox/rack/api/provider"
 	"github.com/gorilla/mux"
 )
 
 func LinkCreate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	service := mux.Vars(r)["service"]
 
 	s, err := models.GetService(service)
-
 	if awsError(err) == "ValidationError" {
 		return httperr.Errorf(404, "no such service: %s", service)
 	}
-
 	if err != nil {
 		return httperr.Server(err)
 	}
@@ -25,6 +24,16 @@ func LinkCreate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 		return httperr.Errorf(403, "can not link service with status: %s", s.Status)
 	}
 
+	// new services should use the provider interfaces
+	if s.Type == "syslog" {
+		s, err := provider.ServiceLink(service, GetForm(r, "app"), GetForm(r, "process"))
+		if err != nil {
+			return httperr.Server(err)
+		}
+
+		return RenderJson(rw, s)
+	}
+
 	if s.Type != "papertrail" {
 		return httperr.Errorf(403, "linking is not yet implemented for service type: %s", s.Type)
 	}
@@ -55,11 +64,9 @@ func LinkDelete(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	service := mux.Vars(r)["service"]
 
 	s, err := models.GetService(service)
-
 	if awsError(err) == "ValidationError" {
 		return httperr.Errorf(404, "no such service: %s", service)
 	}
-
 	if err != nil {
 		return httperr.Server(err)
 	}
@@ -68,6 +75,16 @@ func LinkDelete(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 		return httperr.Errorf(403, "can not unlink service with status: %s", s.Status)
 	}
 
+	// new services should use the provider interfaces
+	if s.Type == "syslog" {
+		s, err := provider.ServiceUnlink(service, app, GetForm(r, "process"))
+		if err != nil {
+			return httperr.Server(err)
+		}
+
+		return RenderJson(rw, s)
+	}
+
 	if s.Type != "papertrail" {
 		return httperr.Errorf(403, "unlinking is not yet implemented for service type: %s", s.Type)
 	}

api/controllers/routes.go

@@ -39,9 +39,7 @@ func NewRouter() (router *mux.Router) {
 	router.HandleFunc("/apps/{app}/releases/{release}", api("release.get", ReleaseGet)).Methods("GET")
 	router.HandleFunc("/apps/{app}/releases/{release}/promote", api("release.promote", ReleasePromote)).Methods("POST")
 	router.HandleFunc("/apps/{app}/ssl", api("ssl.list", SSLList)).Methods("GET")
-	router.HandleFunc("/apps/{app}/ssl", api("ssl.create", SSLCreate)).Methods("POST")
-	router.HandleFunc("/apps/{app}/ssl", api("ssl.update", SSLUpdate)).Methods("PUT")
-	router.HandleFunc("/apps/{app}/ssl/{process}/{port}", api("ssl.delete", SSLDelete)).Methods("DELETE")
+	router.HandleFunc("/apps/{app}/ssl/{process}/{port}", api("ssl.update", SSLUpdate)).Methods("PUT")
 	router.HandleFunc("/auth", api("auth", Auth)).Methods("GET")
 	router.HandleFunc("/index/diff", api("index.diff", IndexDiff)).Methods("POST")
 	router.HandleFunc("/index/file/{hash}", api("index.upload", IndexUpload)).Methods("POST")

api/controllers/services.go

@@ -7,6 +7,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/convox/rack/api/httperr"
 	"github.com/convox/rack/api/models"
+	"github.com/convox/rack/api/provider"
 	"github.com/gorilla/mux"
 )
 
@@ -24,15 +25,23 @@ func ServiceShow(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	service := mux.Vars(r)["service"]
 
 	s, err := models.GetService(service)
-
 	if awsError(err) == "ValidationError" {
 		return httperr.Errorf(404, "no such service: %s", service)
 	}
-
 	if err != nil {
 		return httperr.Server(err)
 	}
 
+	// new services should use the provider interfaces
+	if s.Type == "syslog" {
+		s, err := provider.ServiceGet(service)
+		if err != nil {
+			return httperr.Server(err)
+		}
+
+		return RenderJson(rw, s)
+	}
+
 	return RenderJson(rw, s)
 }
 
@@ -54,6 +63,16 @@ func ServiceCreate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	kind := params["type"]
 	delete(params, "type")
 
+	// new services should use the provider interfaces
+	if kind == "syslog" {
+		s, err := provider.ServiceCreate(name, kind, params)
+		if err != nil {
+			return httperr.Server(err)
+		}
+
+		return RenderJson(rw, s)
+	}
+
 	// Early check for unbound service only.
 	service, err := models.GetServiceUnbound(name)
 
@@ -98,23 +117,29 @@ func ServiceDelete(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	service := mux.Vars(r)["service"]
 
 	s, err := models.GetService(service)
-
 	if awsError(err) == "ValidationError" {
 		return httperr.Errorf(404, "no such service: %s", service)
 	}
-
 	if err != nil {
 		return httperr.Server(err)
 	}
 
-	err = s.Delete()
+	// new services should use the provider interfaces
+	if s.Type == "syslog" {
+		s, err := provider.ServiceDelete(service)
+		if err != nil {
+			return httperr.Server(err)
+		}
 
+		return RenderJson(rw, s)
+	}
+
+	err = s.Delete()
 	if err != nil {
 		return httperr.Server(err)
 	}
 
 	s, err = models.GetService(service)
-
 	if err != nil {
 		return httperr.Server(err)
 	}

api/controllers/ssl.go

@@ -26,76 +26,11 @@ func SSLList(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	return RenderJson(rw, ssls)
 }
 
-func SSLCreate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
-	a := mux.Vars(r)["app"]
-	process := GetForm(r, "process")
-	port := GetForm(r, "port")
-	arn := GetForm(r, "arn")
-	chain := GetForm(r, "chain")
-	body := GetForm(r, "body")
-	key := GetForm(r, "key")
-	secure := GetForm(r, "secure")
-
-	if process == "" {
-		return httperr.Errorf(403, "must specify a process")
-	}
-
-	portn, err := strconv.Atoi(port)
-
-	if err != nil {
-		return httperr.Errorf(403, "port must be numeric")
-	}
-
-	if (arn != "") && !validateARNFormat(arn) {
-		return httperr.Errorf(403, "arn must follow the AWS ARN format")
-	}
-
-	ssl, err := models.CreateSSL(a, process, portn, arn, body, key, chain, (secure == "true"))
-
-	if awsError(err) == "ValidationError" {
-		return httperr.Errorf(404, "%s", err)
-	}
-
-	if err != nil {
-		return httperr.Server(err)
-	}
-
-	return RenderJson(rw, ssl)
-}
-
-func SSLDelete(rw http.ResponseWriter, r *http.Request) *httperr.Error {
+func SSLUpdate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
 	vars := mux.Vars(r)
-	app := vars["app"]
+	a := vars["app"]
 	process := vars["process"]
 	port := vars["port"]
-
-	if process == "" {
-		return httperr.Errorf(403, "must specify a process")
-	}
-
-	portn, err := strconv.Atoi(port)
-
-	if err != nil {
-		return httperr.Errorf(403, "port must be numeric")
-	}
-
-	ssl, err := models.DeleteSSL(app, process, portn)
-
-	if awsError(err) == "ValidationError" {
-		return httperr.Errorf(404, "no such app: %s", app)
-	}
-
-	if err != nil {
-		return httperr.Server(err)
-	}
-
-	return RenderJson(rw, ssl)
-}
-
-func SSLUpdate(rw http.ResponseWriter, r *http.Request) *httperr.Error {
-	a := mux.Vars(r)["app"]
-	process := GetForm(r, "process")
-	port := GetForm(r, "port")
 	arn := GetForm(r, "arn")
 	chain := GetForm(r, "chain")
 	body := GetForm(r, "body")

api/manifest.yml

@@ -552,6 +552,54 @@ paths:
           description: not found
           schema:
             $ref: '#/definitions/error'
+  /apps/{app}/ssl:
+    get:
+      description: List SSL listeners for an app
+      parameters:
+      - name: app
+        description: app name
+        type: string
+        in: path
+        required: true
+      responses:
+        200:
+          description: ssls
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/ssl'
+        404:
+          description: not found
+          schema:
+            $ref: '#/definitions/error'
+  /apps/{app}/ssl/{process}/{port}:
+    put:
+      description: List SSL listeners for an app
+      parameters:
+      - name: app
+        description: app name
+        type: string
+        in: path
+        required: true
+      - name: process
+        description: process name
+        type: string
+        in: path
+        required: true
+      - name: port
+        description: port number
+        type: integer
+        in: path
+        required: true
+      responses:
+        200:
+          description: ssl
+          schema:
+            $ref: '#/definitions/ssl'
+        404:
+          description: not found
+          schema:
+            $ref: '#/definitions/error'
   /auth:
     get:
       description: authenticate password
@@ -865,6 +913,18 @@ definitions:
         type: string
       url:
         type: string
+  ssl:
+    properties:
+      domain:
+        type: string
+      expiration:
+        type: string
+      port:
+        type: integer
+      process:
+        type: string
+      secure:
+        type: boolean
   success:
     properties:
       success:

api/manifest/manifest.go

@@ -774,11 +774,17 @@ func (me ManifestEntry) runAsync(m *Manifest, prefix, app, process string, cache
 			return
 		}
 
-		switch me.Label(fmt.Sprintf("convox.port.%s.protocol", container)) {
-		case "proxy":
+		switch proto := me.Label(fmt.Sprintf("convox.port.%s.protocol", host)); proto {
+		case "https", "tls":
+			proxy := false
+
+			if me.Label(fmt.Sprintf("convox.port.%s.proxy")) == "true" {
+				proxy = true
+			}
+
 			rnd := RandomPort()
-			fmt.Println(prefix, special(fmt.Sprintf("proxy protocol enabled for %s:%s", host, container)))
-			go proxyPort(host, fmt.Sprintf("%s:%d", gateway, rnd))
+			fmt.Println(prefix, special(fmt.Sprintf("%s proxy enabled for %s:%s", proto, host, container)))
+			go proxyPort(proto, host, fmt.Sprintf("%s:%d", gateway, rnd), proxy)
 			host = strconv.Itoa(rnd)
 		}
 
@@ -903,8 +909,17 @@ func exists(filename string) bool {
 	return true
 }
 
-func proxyPort(from, to string) {
-	Execer("docker", "run", "-p", fmt.Sprintf("%s:%s", from, from), "convox/proxy", from, to, "proxy").Run()
+func proxyPort(protocol, from, to string, proxy bool) {
+	args := []string{"run", "-p", fmt.Sprintf("%s:%s", from, from), "convox/proxy", from, to, protocol}
+
+	if proxy {
+		args = append(args, "proxy")
+	}
+
+	cmd := Execer("docker", args...)
+	// cmd.Stdout = os.Stdout
+	// cmd.Stderr = os.Stderr
+	cmd.Run()
 }
 
 func injectDockerfile(dir string) error {